Line | Source | Count |
59 | #include <stdio.h> | - |
60 | #include <string.h> | - |
61 | | - |
62 | #include <openssl/asn1.h> | - |
63 | #include <openssl/asn1t.h> | - |
64 | #include <openssl/conf.h> | - |
65 | #include <openssl/err.h> | - |
66 | #include <openssl/x509v3.h> | - |
67 | | - |
/*
 * File-local conversion callbacks for the Authority Key Identifier
 * extension; they are declared here because the method table below refers
 * to them before their definitions.
 */
static STACK_OF(CONF_VALUE) *
i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, AUTHORITY_KEYID *akeyid,
    STACK_OF(CONF_VALUE) *extlist);
static AUTHORITY_KEYID *
v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
    STACK_OF(CONF_VALUE) *values);

/*
 * Extension method entry for NID_authority_key_identifier.
 *
 * Only the value-list conversions (i2v / v2i) are supplied; every other
 * callback slot is NULL and the ASN.1 template AUTHORITY_KEYID_it is given
 * in .it.
 *
 * NOTE(review): both callbacks are installed through explicit casts to
 * X509V3_EXT_I2V / X509V3_EXT_V2I, so the compiler will not diagnose a
 * signature mismatch here; confirm the prototypes above stay compatible
 * with those typedefs whenever either side changes.
 */
const X509V3_EXT_METHOD v3_akey_id = {
	/* Identity and presentation. */
	.ext_nid = NID_authority_key_identifier,
	.ext_flags = X509V3_EXT_MULTILINE,
	.it = &AUTHORITY_KEYID_it,

	/* Conversions implemented in this file. */
	.i2v = (X509V3_EXT_I2V)i2v_AUTHORITY_KEYID,
	.v2i = (X509V3_EXT_V2I)v2i_AUTHORITY_KEYID,

	/* Slots this extension does not provide. */
	.ext_new = NULL,
	.ext_free = NULL,
	.d2i = NULL,
	.i2d = NULL,
	.i2s = NULL,
	.s2i = NULL,
	.i2r = NULL,
	.r2i = NULL,
	.usr_data = NULL,
};
89 | | - |
/*
 * Render a decoded AUTHORITY_KEYID as name/value pairs appended to extlist.
 *
 * For each field that is present, in this order:
 *   - keyid:  added under the name "keyid" with the string returned by
 *             hex_to_string() for the identifier's data and length;
 *   - issuer: handed to i2v_GENERAL_NAMES(), whose return value replaces
 *             extlist;
 *   - serial: added under the name "serial", converted the same way as keyid.
 *
 * method is not used. The (possibly updated) extlist is returned.
 *
 * NOTE(review): the results of hex_to_string() and X509V3_add_value() are
 * not checked, so a failure in either is not reported to the caller and the
 * returned list may be incomplete. Confirm how X509V3_add_value() handles a
 * NULL value before treating this output as authoritative.
 */
static STACK_OF(CONF_VALUE) *
i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, AUTHORITY_KEYID *akeyid,
    STACK_OF(CONF_VALUE) *extlist)
{
	char *hex;

	if (akeyid->keyid != NULL) {
		hex = hex_to_string(akeyid->keyid->data,
		    akeyid->keyid->length);
		X509V3_add_value("keyid", hex, &extlist);
		/* The converted string is released here after being added. */
		free(hex);
	}

	if (akeyid->issuer != NULL) {
		extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);
	}

	if (akeyid->serial != NULL) {
		hex = hex_to_string(akeyid->serial->data,
		    akeyid->serial->length);
		X509V3_add_value("serial", hex, &extlist);
		free(hex);
	}

	return extlist;
}
111 | | - |
112 | | - |
113 | | - |
114 | | - |
115 | | - |
116 | | - |
117 | | - |
118 | | - |
119 | | - |
/*
 * Build an AUTHORITY_KEYID from configuration values.
 *
 * Recognised option names are "keyid" and "issuer". Each may carry the value
 * "always", which turns the request into a hard requirement (level 2); any
 * other value, or none, leaves it at level 1. An unrecognised name raises
 * X509V3_R_UNKNOWN_OPTION and returns NULL.
 *
 * The data is taken from ctx->issuer_cert:
 *   - keyid:  the decoded subject key identifier extension of the issuer
 *             certificate, if it has one;
 *   - issuer: a copy of the issuer certificate's issuer name (as a single
 *             GEN_DIRNAME general name) plus a copy of its serial number.
 *             This is collected when issuer is "always", or when issuer was
 *             requested and no key identifier was obtained.
 *
 * Without an issuer certificate the function fails with
 * X509V3_R_NO_ISSUER_CERTIFICATE, except that an empty AUTHORITY_KEYID is
 * returned when ctx->flags equals CTX_TEST.
 *
 * Returns the new structure, or NULL on error. method is not used.
 *
 * NOTE(review): with a plain "keyid" (not "always") and an issuer certificate
 * that has no subject key identifier, and with "issuer" not requested, the
 * result is an AUTHORITY_KEYID with all three fields empty and no error is
 * raised. Use "keyid:always" where a missing identifier must be a failure.
 * NOTE(review): assumes every CONF_VALUE in values has a non-NULL name, since
 * it is passed straight to strcmp(); confirm against the callers.
 * NOTE(review): ctx->flags is compared for equality with CTX_TEST rather than
 * tested as a bit; confirm no other flag can be set alongside it.
 */
static AUTHORITY_KEYID *
v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
    STACK_OF(CONF_VALUE) *values)
{
	char want_keyid = 0, want_issuer = 0;	/* 0 = no, 1 = yes, 2 = always */
	int idx;
	CONF_VALUE *opt;
	ASN1_OCTET_STRING *issuer_skid = NULL;
	X509_NAME *issuer_name = NULL;
	STACK_OF(GENERAL_NAME) *names = NULL;
	GENERAL_NAME *dirname = NULL;
	ASN1_INTEGER *issuer_serial = NULL;
	X509_EXTENSION *skid_ext;
	X509 *issuer_cert;
	AUTHORITY_KEYID *akid = NULL;

	/* Pass 1: work out which fields were asked for, and how strictly. */
	for (idx = 0; idx < sk_CONF_VALUE_num(values); idx++) {
		opt = sk_CONF_VALUE_value(values, idx);
		if (strcmp(opt->name, "keyid") == 0) {
			want_keyid = 1;
			if (opt->value != NULL &&
			    strcmp(opt->value, "always") == 0)
				want_keyid = 2;
		} else if (strcmp(opt->name, "issuer") == 0) {
			want_issuer = 1;
			if (opt->value != NULL &&
			    strcmp(opt->value, "always") == 0)
				want_issuer = 2;
		} else {
			X509V3error(X509V3_R_UNKNOWN_OPTION);
			ERR_asprintf_error_data("name=%s", opt->name);
			return NULL;
		}
	}

	/* Everything below needs the issuer certificate from the context. */
	if (ctx == NULL || ctx->issuer_cert == NULL) {
		if (ctx != NULL && ctx->flags == CTX_TEST)
			return AUTHORITY_KEYID_new();
		X509V3error(X509V3_R_NO_ISSUER_CERTIFICATE);
		return NULL;
	}

	issuer_cert = ctx->issuer_cert;

	if (want_keyid) {
		idx = X509_get_ext_by_NID(issuer_cert,
		    NID_subject_key_identifier, -1);
		if (idx >= 0) {
			skid_ext = X509_get_ext(issuer_cert, idx);
			if (skid_ext != NULL)
				issuer_skid = X509V3_EXT_d2i(skid_ext);
		}
		/* Nothing has been allocated yet, so a plain return is safe. */
		if (want_keyid == 2 && issuer_skid == NULL) {
			X509V3error(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID);
			return NULL;
		}
	}

	/* Issuer name and serial: forced by "always", else a fallback. */
	if (want_issuer == 2 || (want_issuer && issuer_skid == NULL)) {
		issuer_name = X509_NAME_dup(X509_get_issuer_name(issuer_cert));
		issuer_serial =
		    ASN1_INTEGER_dup(X509_get_serialNumber(issuer_cert));
		if (issuer_name == NULL || issuer_serial == NULL) {
			X509V3error(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS);
			goto err;
		}
	}

	akid = AUTHORITY_KEYID_new();
	if (akid == NULL)
		goto err;

	if (issuer_name != NULL) {
		if ((names = sk_GENERAL_NAME_new_null()) == NULL ||
		    (dirname = GENERAL_NAME_new()) == NULL ||
		    sk_GENERAL_NAME_push(names, dirname) == 0) {
			X509V3error(ERR_R_MALLOC_FAILURE);
			goto err;
		}
		/* The name copy is stored in the general name pushed above. */
		dirname->type = GEN_DIRNAME;
		dirname->d.dirn = issuer_name;
	}

	/* Store the collected pieces in the result. */
	akid->issuer = names;
	akid->serial = issuer_serial;
	akid->keyid = issuer_skid;

	return akid;

err:
	/* No failure path is reached after the pieces are stored in akid. */
	AUTHORITY_KEYID_free(akid);
	GENERAL_NAME_free(dirname);
	sk_GENERAL_NAME_free(names);
	X509_NAME_free(issuer_name);
	ASN1_INTEGER_free(issuer_serial);
	ASN1_OCTET_STRING_free(issuer_skid);
	return NULL;
}
| | |